package com.ailot.cloud.base.security.authentication.model;

import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;

import java.util.Collection;

public class JwtAuthenticationToken extends AbstractAuthenticationToken {

    /**
     * 登录信息
     */
    private final Object principal;
    /**
     * 凭证
     */
    private final Object credentials;

    /**
     * 创建已认证的授权
     *
     * @param authorities
     * @param principal
     * @param credentials
     */
    public JwtAuthenticationToken(Collection<? extends GrantedAuthority> authorities, Object principal, Object credentials) {
        super(authorities);
        this.principal = principal;
        this.credentials = credentials;
        super.setAuthenticated(true);
    }

    /**
     * 创建未认证的授权
     *
     * @param principal
     * @param credentials
     */
    public JwtAuthenticationToken(Object principal, Object credentials) {
        //因为刚开始并没有认证，因此用户没有任何权限，并且设置没有认证的信息（setAuthenticated(false)）
        super(null);
        this.principal = principal;
        this.credentials = credentials;
        super.setAuthenticated(false);
    }

    @Override
    public Object getCredentials() {
        return this.credentials;
    }

    @Override
    public Object getPrincipal() {
        return this.principal;
    }
}
